WO2012009972A1 - Key distribution method and system for handover - Google Patents

Key distribution method and system for handover

Info

Publication number
WO2012009972A1
Authority
WO
WIPO (PCT)
Application number
PCT/CN2011/070533
Other languages
French (fr)
Chinese (zh)
Inventor
杜高鹏
朱永升
Original Assignee
中兴通讯股份有限公司

Classifications

    • H ELECTRICITY
    • H04 ELECTRIC COMMUNICATION TECHNIQUE
    • H04W WIRELESS COMMUNICATION NETWORKS
    • H04W36/00 Hand-off or reselection arrangements
    • H04W36/0005 Control or signalling for completing the hand-off
    • H04W36/0011 Control or signalling for completing the hand-off for data sessions of end-to-end connection
    • H04W36/0033 Control or signalling for completing the hand-off for data sessions of end-to-end connection with transfer of context information
    • H04W36/0038 Control or signalling for completing the hand-off for data sessions of end-to-end connection with transfer of context information of security context information
    • H ELECTRICITY
    • H04 ELECTRIC COMMUNICATION TECHNIQUE
    • H04L TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L63/00 Network architectures or network communication protocols for network security
    • H04L63/06 Network architectures or network communication protocols for network security for supporting key management in a packet data network
    • H04L63/062 Network architectures or network communication protocols for network security for supporting key management in a packet data network for key distribution, e.g. centrally by trusted party
    • H ELECTRICITY
    • H04 ELECTRIC COMMUNICATION TECHNIQUE
    • H04L TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L9/00 Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols
    • H04L9/08 Key distribution or management, e.g. generation, sharing or updating, of cryptographic keys or passwords
    • H04L9/0816 Key establishment, i.e. cryptographic processes or cryptographic protocols whereby a shared secret becomes available to two or more parties, for subsequent use
    • H04L9/0819 Key transport or distribution, i.e. key establishment techniques where one party creates or otherwise obtains a secret value, and securely transfers it to the other(s)
    • H04L9/083 Key transport or distribution, i.e. key establishment techniques where one party creates or otherwise obtains a secret value, and securely transfers it to the other(s) involving central third party, e.g. key distribution center [KDC] or trusted third party [TTP]
    • H ELECTRICITY
    • H04 ELECTRIC COMMUNICATION TECHNIQUE
    • H04W WIRELESS COMMUNICATION NETWORKS
    • H04W12/00 Security arrangements; Authentication; Protecting privacy or anonymity
    • H04W12/04 Key management, e.g. using generic bootstrapping architecture [GBA]
    • H04W12/041 Key generation or derivation
    • H ELECTRICITY
    • H04 ELECTRIC COMMUNICATION TECHNIQUE
    • H04W WIRELESS COMMUNICATION NETWORKS
    • H04W12/00 Security arrangements; Authentication; Protecting privacy or anonymity
    • H04W12/04 Key management, e.g. using generic bootstrapping architecture [GBA]
    • H04W12/047 Key management, e.g. using generic bootstrapping architecture [GBA] without using a trusted network node as an anchor
    • H04W12/0471 Key exchange
    • H ELECTRICITY
    • H04 ELECTRIC COMMUNICATION TECHNIQUE
    • H04L TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L2209/00 Additional information or applications relating to cryptographic mechanisms or cryptographic arrangements for secret or secure communication H04L9/00
    • H04L2209/80 Wireless

Definitions

  • The present invention relates to the field of mobile communication technologies, and in particular to a key distribution method and system for handover.
  • LTE: Long Term Evolution
  • SAE: System Architecture Evolution
  • 3GPP: Third Generation Partnership Project
  • EUTRAN: Evolved Universal Terrestrial Radio Access Network
  • The current key distribution method is as follows: the first handover performs a horizontal key generation chain, and subsequent handovers perform a vertical key generation chain.
  • FIG. 1 is a schematic diagram of the key distribution process for the first handover.
  • When the UE first switches from eNB A to eNB B, eNB A performs a horizontal key generation chain. The specific process is as follows:
  • Step 101: the UE reports a Measurement Report to eNB A.
  • KeNB is the shared key generated by the core network and sent to eNB A when the UE accesses eNB A, from which eNB A derives the key of the AS (access layer).
  • KDF: Key Derivation Function
  • Step 103: eNB A initiates a Handover Request to the target base station eNB B and forwards {NCC, KeNB*} to eNB B;
  • NCC: Next Hop Chaining Counter
  • Step 105: eNB B returns a Handover Request Ack and places the NCC (at this point NCC = 0) in the transparent container of that message;
  • HO Command: Handover Command
  • Step 107: the UE generates KeNB* = KDF(KeNB || PCI || EARFCN_DL) and sets KeNB = KeNB*;
  • Step 108: the UE sends a Handover Confirm to eNB B.
  • Step 109: after completing the handover signalling interaction with the UE, eNB B sends a Path Switch Request message to the MME.
  • Step 112: eNB B saves the received {NCC, NH} pair for the next handover and deletes any other {NCC, NH} pairs that may exist but have not been used;
  • Step 113: after the handover is completed, eNB B sends a Release Resource message to eNB A.
  • This message informs eNB A to release the relevant resources of the UE.
  • FIG. 2 is a schematic diagram of the key distribution process for the second handover.
  • eNB C performs a vertical key generation chain using a new {NH, NCC}.
  • Step 201: the UE sends a Measurement Report to eNB B.
  • Steps 205-206: eNB C puts the NCC into the transparent container of the HO Command message, which is forwarded to the UE through the source eNB B;
  • (step 207, truncated in the source) ... EARFCN_DL), and sets KeNB = KeNB*;
  • Steps 208-213 correspond to steps 108-113 in FIG. 1.
  • The main difference is that the NCC values of the two handovers are different; this is not described again here.
  • When the UE first switches from eNB A to eNB B, eNB A can derive the key of eNB B; when the UE switches from eNB B to eNB C for the second time, eNB B can derive the key of eNB C.
  • eNB A cannot calculate the key of eNB C; that is, it takes 2 hops to achieve forward security.
  • Forward security means that when one eNB and one UE share a key KeNB, that eNB cannot calculate the key between the UE and another eNB.
  • 1. The key KeNB of the target eNB is provided by the source eNB, so once the source eNB is compromised, the key KeNB of the target eNB may be acquired during the X2 handover process. This is very unsafe;
  • 2. The current key distribution mechanism requires at least 2 hops to achieve forward security and cannot reach 1-hop forward security.
Summary of the invention
  • The technical problem to be solved by the present invention is to provide a key distribution method and system for handover that can achieve forward security within one hop.
  • The present invention provides a handover key distribution method, which includes:
  • when the terminal performs handover between the source base station and the target base station, the target base station requests key generation information from the core network;
  • the target base station generates a key according to the key generation information provided by the core network, and the key is used to derive the key of the access layer.
  • The key generation information includes an intermediate key (NH) value corresponding to a next hop chaining counter (NCC);
  • in the step of the target base station generating a key according to the key generation information provided by the core network, the target base station generates the key KeNB according to the NH value.
  • The step of the target base station requesting the key generation information from the core network includes:
  • when receiving the handover request sent by the source base station, the target base station generates a second NCC value according to the first NCC value included in the handover request, and sends a handover NCC request containing the second NCC value to the core network mobility management entity;
  • when receiving the handover NCC request, the mobility management entity determines the NH value according to the second NCC value and the locally saved NCC value, includes it in a handover NCC response, and sends it to the target base station.
  • The step of the mobility management entity determining the NH value according to the second NCC value and the locally saved NCC value includes:
  • the mobility management entity compares the second NCC value with the locally saved NCC value;
  • if the second NCC value is equal to the locally saved NCC value, the NH value corresponding to the second NCC value is determined as the NH value; if the second NCC value is greater than the locally saved NCC value, the locally saved NCC value is set to the second NCC value, and the NH value corresponding to the second NCC value is calculated and determined as the NH value;
  • the handover NCC response sent by the mobility management entity to the target base station further includes the NCC value corresponding to the NH value; the target base station saves the received NCC value and forwards it to the terminal;
  • the terminal calculates the corresponding NH value according to the NCC value sent by the target base station, and calculates KeNB according to the calculated NH value.
  • The target base station calculates the second NCC value according to the following formula:
  • NCC2 = KDF(NCC1 || CRNTI) NCC maximum value, where NCC1 is the first NCC value, NCC2 is the second NCC value, and CRNTI is the Cell Radio Network Temporary Identifier.
  • If the second NCC value is smaller than the NCC value saved by the mobility management entity, the locally saved NCC value is incremented once, and the NH value corresponding to the incremented NCC value is calculated and determined as the NH value;
  • if the locally saved NCC value is equal to the maximum value of the NCC value range, the corresponding NH value is calculated directly from the locally saved NCC value and determined as the NH value.
  • The value range of the NCC is greater than or equal to 0 and less than or equal to 63.
  • A handover key distribution system: the system includes a base station and a core network; the base station includes a key information requesting unit and a key generating unit, and the core network includes a key information providing unit, wherein:
  • the key information requesting unit is configured to request the key generation information from the core network when receiving a handover request for the terminal;
  • the key information providing unit is configured to provide the key generation information to the key information requesting unit according to the request;
  • the key generating unit is configured to generate a key based on the key generation information provided by the key information providing unit, the key being used to derive the key of the access layer.
  • The key generation information includes the NH value corresponding to the NCC, and the key generated by the key generating unit is KeNB;
  • the key information requesting unit is further configured to generate a second NCC value according to the first NCC value included in the handover request, and to request the key generation information from the core network by sending a handover NCC request containing the second NCC value to the core network mobility management entity;
  • the key information providing unit is further configured to, when receiving the handover NCC request, determine the NH value according to the second NCC value and the locally saved NCC value, and send it to the key information requesting unit in the handover NCC response.
  • The key information providing unit is further configured to determine the NH value according to the second NCC value and the locally saved NCC value as follows:
  • if the second NCC value is greater than the locally saved NCC value, the locally saved NCC value is set to the second NCC value, and the NH value corresponding to the second NCC value is calculated and determined as the NH value;
  • if the second NCC value is smaller than the locally saved NCC value, the locally saved NCC value is incremented.
  • The system further includes a terminal, and the terminal includes a key calculating unit;
  • the key information providing unit is further configured to include, in the handover NCC response sent to the key information requesting unit, the NCC value corresponding to the determined NH value;
  • the key information requesting unit is further configured to save the received NCC value and forward it to the terminal; the key calculating unit is configured to calculate the corresponding NH value according to the NCC value received from the key information requesting unit, and to calculate KeNB according to the calculated NH value.
  • The present invention also provides a base station in a key distribution system for handover, comprising a key information requesting unit and a key generating unit, wherein:
  • the key information requesting unit is configured to request key generation information from the core network of the handover key distribution system when receiving a handover request for the terminal;
  • the key generating unit is configured to generate a key according to the key generation information provided by the core network in response to the request of the key information requesting unit, where the key is used to derive the key of the access layer.
  • The key generation information includes an intermediate key (NH) value corresponding to a next hop chaining counter (NCC), and the key generated by the key generating unit is KeNB;
  • NH: intermediate key
  • NCC: next hop chaining counter
  • the key information requesting unit is further configured to generate a second NCC value according to the first NCC value included in the handover request, to request key generation information from the core network by sending a handover NCC request containing the second NCC value to the core network mobility management entity, and to receive a handover NCC response sent by the core network, where the handover NCC response includes the NH value determined by the core network according to the second NCC value and the locally saved NCC value.
  • The present invention also provides a terminal in a handover key distribution system, comprising a key calculating unit configured to calculate the corresponding intermediate key (NH) value according to the next hop chaining counter (NCC) value sent by a base station in the handover key distribution system, and to calculate the key KeNB according to the calculated NH value.
  • The MME provides the target eNB with the key generation material, and the target eNB generates the KeNB key.
  • FIG. 2 is a schematic diagram of the key distribution process of a second handover in the prior art.
  • FIG. 3 is a schematic diagram of the key distribution process of a handover according to an embodiment of the present invention.
  • The core idea of the present invention is that, in the X2 handover, through interaction between the target eNB and the MME, the MME provides the target eNB with the key generation material and the target eNB performs the key generation. This ensures that the source eNB cannot calculate the key between the target eNB and the UE, and achieves 1-hop forward security.
  • The present invention provides a handover key distribution method, which specifically uses the following technical solution:
  • when the terminal performs handover between the source base station and the target base station, the target base station requests key generation information from the core network;
  • the target base station generates a key according to the key generation information provided by the core network, and the key is used to derive the key of the access layer.
  • The key generation information includes the NH value corresponding to the NCC, and the key generated by the target base station according to the NH value is KeNB.
  • The target base station requesting the key generation information from the core network includes: when the target base station receives the handover request sent by the source base station, it generates a second NCC value according to the first NCC value included in the handover request, and sends a handover NCC request containing the second NCC value to the core network mobility management entity;
  • when the mobility management entity receives the handover NCC request, it determines the corresponding NH value according to the second NCC value and the locally saved NCC value, and sends it to the target base station in the handover NCC response.
  • The mobility management entity determines the corresponding NH value according to the second NCC value and the locally saved NCC value as follows:
  • the mobility management entity compares the second NCC value with the locally saved NCC value; if the second NCC value is equal to the locally saved NCC value, the NH value corresponding to the second NCC value is determined as the corresponding NH value;
  • if the second NCC value is greater than the locally saved NCC value, the locally saved NCC value is set to the second NCC value, and the NH value corresponding to the second NCC value is calculated and determined as the corresponding NH value;
  • if the second NCC value is smaller than the locally saved NCC value, the locally saved NCC value is incremented once, and the NH value corresponding to the incremented NCC value is calculated and determined as the corresponding NH value.
  • The value of the NCC is greater than or equal to 0 and less than or equal to 63.
  • The target base station calculates the second NCC value according to the following formula:
  • NCC2 = KDF(NCC1 || CRNTI) NCC maximum value, where NCC1 is the first NCC value, NCC2 is the second NCC value, and CRNTI (Cell Radio Network Temporary Identifier) is the temporary identifier of the cell radio network.
  • If the locally saved NCC value is equal to the maximum value, the corresponding NH value is calculated directly from the locally saved NCC value and determined as the corresponding NH value.
  • The terminal calculates the corresponding NH value according to the NCC value sent by the target base station, and calculates KeNB according to the calculated NH value.
  • FIG. 3 is a schematic flowchart of a handover key distribution method according to an embodiment of the present invention. As shown in FIG. 3, the process of this embodiment is as follows:
  • Step 301: the UE reports a Measurement Report;
  • Step 302: the source eNB makes a handover decision according to the Measurement Report reported by the UE, and generates KeNB*;
  • KeNB* = KDF(NH (formula truncated in the source)
  • Step 303: the source eNB initiates a Handover Request to the target eNB, and forwards {NCC, KeNB*} to the target eNB in the Handover Request message.
  • (step 304, truncated in the source) ... CRNTI); preferably, to better protect the key, the standard NCC value range of [0, 7] is expanded in the present invention, for example to [0, 63], so that the source eNB is prevented from deriving the key of the target eNB from a small number of possible NCC values. Further, preferably, if the NCC* generated by the target eNB in this step is the maximum value of the range, NCC* = NCC* - 1 is set to avoid NCC wrap-around.
  • Step 305: the target eNB sends a Handover NCC Request message to the MME, carrying the generated NCC*;
  • Step 306: after receiving the Handover NCC Request message, the MME compares the local NCC value with the NCC* value in the message, and determines the NH value as follows (comparison of NCC* with NCC; the three cases are those given above);
  • Step 307: the MME sends a Handover NCC Response message to the target eNB, containing {NCC, NH};
  • Step 309: the target eNB returns a Handover Request Ack to the source eNB, including in it the NCC value received from the MME.
  • Step 310: the source eNB sends the NCC to the UE in the Handover Command message.
  • Step 311: after receiving the Handover Command message containing the NCC value, the UE increments its NCC value until it matches the NCC value in the Handover Command message, iteratively calculating the NH corresponding to the NCC with the function defined by the security specification, and then calculates KeNB according to the NH value: KeNB = KDF(NH || PCI || EARFCN_DL);
  • the UE does not need to know how the NCC value sent by the target eNB was determined; it only needs to calculate the NH value from the NCC value according to the existing iterative method and can then calculate KeNB from it.
  • Step 312: the UE returns a Handover Confirm message to the target eNB.
  • Step 313: after completing the handover signalling interaction with the UE, the target eNB sends a Path Switch Request message to the MME.
  • Step 314: the MME sends a Path Switch Request Ack to the target eNB; this message does not carry {NCC, NH};
  • Step 315: after the handover is completed, the target eNB sends a Release Resource message to the source eNB to notify the source eNB to release the related resources of the UE.
  • In step 304 the target eNB generates NCC* according to the NCC value sent by the source eNB; in steps 306-308 the MME determines the NH value and sends it to the target eNB, and the target eNB generates the key from the NH value provided by the MME, so that the source eNB cannot calculate the key KeNB between the target eNB and the UE, achieving one-hop forward security.
  • The key distribution system of this embodiment includes a base station and a core network; the base station includes a key information requesting unit and a key generating unit, and the core network includes a key information providing unit, wherein the key information requesting unit is configured to request the key generation information from the core network when receiving a handover request for the terminal;
  • the key information providing unit is configured to provide the key generation information to the key information requesting unit according to the request;
  • the key generating unit is configured to generate a key according to the key generation information provided by the key information providing unit, and the key is used to derive the key of the access layer.
  • The key generation information includes the NH value corresponding to the NCC, and the key generated by the key generating unit is KeNB; the key information requesting unit is further configured to generate a second NCC value according to the first NCC value in the handover request, and to request the key generation information from the core network by sending a handover NCC request containing the second NCC value to the core network mobility management entity;
  • the key information providing unit is further configured to, when receiving the handover NCC request, determine the NH value according to the second NCC value and the locally saved NCC value, and send it to the key information requesting unit in the handover NCC response.
  • The key information providing unit is further configured to determine the NH value according to the second NCC value and the locally saved NCC value as follows:
  • if the second NCC value is greater than the locally saved NCC value, the locally saved NCC value is set to the second NCC value, and the NH value corresponding to the second NCC value is calculated and determined as the NH value; if the second NCC value is smaller than the locally saved NCC value, the locally saved NCC value is incremented.
  • The system further includes a terminal, and the terminal includes a key calculating unit;
  • the key information providing unit is further configured to include, in the handover NCC response sent to the key information requesting unit, the NCC value corresponding to the determined NH value;
  • the key information requesting unit is further configured to save the received NCC value and forward it to the terminal; the key calculating unit is configured to calculate the corresponding NH value according to the NCC value received from the key information requesting unit, and to calculate KeNB according to the calculated NH value.
  • The present invention also provides a base station in a key distribution system for handover, comprising a key information requesting unit and a key generating unit, wherein:
  • the key information requesting unit is configured to request key generation information from the core network of the handover key distribution system when receiving a handover request for the terminal;
  • the key generating unit is configured to generate a key according to the key generation information provided by the core network in response to the request of the key information requesting unit, where the key is used to derive the key of the access layer.
  • The key generation information includes an intermediate key (NH) value corresponding to a next hop chaining counter (NCC), and the key generated by the key generating unit is KeNB;
  • the key information requesting unit is further configured to generate a second NCC value according to the first NCC value included in the handover request, to request key generation information from the core network by sending a handover NCC request containing the second NCC value to the core network mobility management entity, and to receive a handover NCC response sent by the core network, where the handover NCC response includes the NH value determined by the core network according to the second NCC value and the locally saved NCC value.
  • The present invention also provides a terminal in a handover key distribution system, comprising a key calculating unit configured to calculate the corresponding intermediate key (NH) value according to the next hop chaining counter (NCC) value sent by a base station in the handover key distribution system, and to calculate the key KeNB according to the calculated NH value.
  • NCC: next hop chaining counter
  • NH: intermediate key
  • The present invention provides a handover key distribution method and system.
  • The target base station requests key generation information from the core network and generates a key according to the key generation information provided by the core network.
  • The generated key is used to derive the key of the access layer, which solves the security problem of key distribution during the handover process.
  • The MME provides the target eNB with the key generation material, and the target eNB generates the KeNB key.
  • Even if the source eNB is compromised, the key KeNB of the target eNB cannot be obtained, which solves the security problem of key distribution in the handover process and achieves 1-hop forward security.
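To make the flow of steps 301-315 and the MME's three comparison cases concrete, here is an added Python model; it is not code from the patent or from the applicant. It assumes HMAC-SHA256 as a stand-in for the 3GPP KDF, models the NH chain as NH_0 = initial KeNB and NH_(i+1) = KDF(K_ASME, NH_i), and, because the page's NCC2 formula loses the operator before "NCC maximum value", reduces the hash modulo NCC_MAX + 1; the order in which the "local NCC already at the maximum" rule is applied, the KDF form used by the target eNB, and the step-302 KeNB* formula are likewise assumptions. The names target_ncc_star, NHChain, MME, UE and run_handover are this example's own, and all key material is constructed. The run ends with the UE and the target eNB agreeing on KeNB while the KeNB* forwarded by the source eNB differs from it, which is the one-hop forward security property the text claims.

```python
import hashlib
import hmac

NCC_MAX = 63  # the patent widens the NCC range from [0, 7] to [0, 63]


def kdf(key: bytes, *parts: bytes) -> bytes:
    """Stand-in for the 3GPP KDF: HMAC-SHA256 over the '||' concatenation of parts
    (the exact TS 33.401 input encoding is not reproduced)."""
    return hmac.new(key, b"".join(parts), hashlib.sha256).digest()


def cell_params(pci: int, earfcn_dl: int) -> bytes:
    """PCI || EARFCN_DL, encoded as two big-endian 16-bit fields (an assumption)."""
    return pci.to_bytes(2, "big") + earfcn_dl.to_bytes(2, "big")


def target_ncc_star(ncc1: int, crnti: int) -> int:
    """Step 304: NCC* from the first NCC value and the C-RNTI. The page gives
    NCC2 = KDF(NCC1 || CRNTI) and an 'NCC maximum value' with the operator lost;
    an unkeyed SHA-256 reduced modulo (NCC_MAX + 1) is assumed here. The preferred
    rule 'if NCC* is the maximum, set NCC* = NCC* - 1' avoids wrap-around."""
    digest = hashlib.sha256(ncc1.to_bytes(1, "big") + crnti.to_bytes(2, "big")).digest()
    ncc_star = int.from_bytes(digest, "big") % (NCC_MAX + 1)
    return ncc_star - 1 if ncc_star == NCC_MAX else ncc_star


class NHChain:
    """NH values indexed by NCC, modelled as NH_0 = initial K_eNB and
    NH_(i+1) = KDF(K_ASME, NH_i). Only the MME and the UE hold K_ASME,
    so no eNB can extend this chain on its own."""

    def __init__(self, k_asme: bytes, nh0: bytes) -> None:
        self.k_asme, self.chain = k_asme, [nh0]

    def nh_for(self, ncc: int) -> bytes:
        while len(self.chain) <= ncc:
            self.chain.append(kdf(self.k_asme, self.chain[-1]))
        return self.chain[ncc]


class MME:
    def __init__(self, k_asme: bytes, nh0: bytes, local_ncc: int = 0) -> None:
        self.chain, self.ncc = NHChain(k_asme, nh0), local_ncc  # locally saved NCC

    def handover_ncc_request(self, ncc_star: int):
        """Steps 306-307: choose the NCC whose NH goes back in the Handover NCC Response.
        The 'local NCC already at the maximum' rule is checked first (ordering assumed)."""
        if self.ncc == NCC_MAX:
            chosen = self.ncc                 # no increment possible: use the local NCC
        elif ncc_star >= self.ncc:
            self.ncc = chosen = ncc_star      # equal: reuse it; greater: jump forward
        else:
            self.ncc += 1                     # smaller: increment the local NCC once
            chosen = self.ncc
        return chosen, self.chain.nh_for(chosen)


class UE:
    def __init__(self, k_asme: bytes, nh0: bytes, local_ncc: int = 0) -> None:
        self.chain, self.ncc = NHChain(k_asme, nh0), local_ncc

    def on_handover_command(self, ncc: int, pci: int, earfcn_dl: int) -> bytes:
        """Step 311: advance the local NCC to the received value, derive that NH
        iteratively, then K_eNB = KDF(NH || PCI || EARFCN_DL)."""
        if ncc < self.ncc:
            raise ValueError("NCC in Handover Command is behind the local NCC")
        self.ncc = ncc
        return kdf(self.chain.nh_for(ncc), cell_params(pci, earfcn_dl))


def run_handover(crnti: int = 0x1A2B, pci: int = 102, earfcn_dl: int = 1800) -> dict:
    """Steps 302-311 with constructed material. The UE was handed over before, so the MME
    and the UE both hold local NCC = 3; the source eNB holds only its own K_eNB, because
    after step 314 the MME no longer hands {NCC, NH} pairs to eNBs."""
    k_asme = hashlib.sha256(b"constructed K_ASME, not a real key").digest()
    nh0 = kdf(k_asme, b"constructed initial K_eNB")
    mme, ue = MME(k_asme, nh0, local_ncc=3), UE(k_asme, nh0, local_ncc=3)
    k_enb_source = kdf(NHChain(k_asme, nh0).nh_for(3), cell_params(101, 1800))

    # Steps 302-303: the source still forwards {NCC, K_eNB*}; K_eNB* is assumed to be the
    # horizontal KDF(K_eNB || PCI || EARFCN_DL) (the page's step-302 formula is truncated).
    k_enb_star_from_source = kdf(k_enb_source, cell_params(pci, earfcn_dl))
    # Steps 304-307: the target derives NCC*, asks the MME and receives {NCC, NH}.
    ncc_star = target_ncc_star(3, crnti)
    ncc, nh = mme.handover_ncc_request(ncc_star)
    # Step 308 (assumed): the target generates K_eNB from NH in the same form as the UE.
    k_enb_target = kdf(nh, cell_params(pci, earfcn_dl))
    # Steps 309-311: the NCC reaches the UE via Handover Request Ack and Handover Command.
    k_enb_ue = ue.on_handover_command(ncc, pci, earfcn_dl)
    return {
        "ncc_star": ncc_star,
        "ncc_used": ncc,
        "ue_matches_target": k_enb_ue == k_enb_target,
        "source_material_matches_target": k_enb_star_from_source == k_enb_target,
    }


if __name__ == "__main__":
    print(run_handover())
```

The UE side refuses an NCC that is behind its own counter rather than reusing an older NH; the page's step 311 only describes counting upwards, so that refusal is a design choice of this example.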

Abstract

A key distribution method and system for handover are provided in the present invention. The method includes the following steps: when a terminal switches between a source base station and a target base station, the target base station requests key generation information from the core network; the target base station generates a key, which is used to derive a key of the access layer, based on the key generation information provided by the core network. The key distribution scheme provided in the present invention supplies the key generation material to the target evolved Node B (eNB) through the Mobility Management Entity (MME), and the target eNB generates the KeNB key. In this way, in the X2 handover process, even if the source eNB is compromised, the key KeNB of the target eNB cannot be obtained, which solves the security problem of key distribution in the handover process and achieves one-hop forward security.

Description

一种切换的密钥分发方法及系统  Switching key distribution method and system
技术领域 Technical field
本发明涉及移动通信技术领域, 更具体地, 涉及一种切换的密钥分发方 法及系统。  The present invention relates to the field of mobile communication technologies, and in particular, to a key distribution method and system for handover.
背景技术 Background technique
随着移动通信的普及, 移动通信中的安全问题正受到越来越多的关注, 对移动通信中的安全也提出了更高的要求。 对于 LTE ( Long Term Evolution , 长期演进) 系统而言, 终端在 LTE/S AE ( System Architecture Evolution , 系统 架构演进) 内部网络移动, 及 LTE与其他 3GPP ( 3rd Generation Partnership Project,第三代合作伙伴计划 )系统相互移动时的接入安全问题,是 LTE/SAE 接入安全的核心关键技术, 也是目前 3GPP SA3 (系统和业务工作组 3 ) 目 前研究的重点、热点和难点。它使 EUTRAN( Evolved Universal Terrestrial Radio Access Network, 演进通用陆地无线接入网络 )产品在处理终端移动的过程更 加复杂, 可能在将来的实际组网影响无线网络性能, 如掉话率, 切换失败率 等的一个主要因素, 因此, 移动状态下的安全问题, 已成为产品线相关单位 关注的焦点问题。 With the popularity of mobile communications, security issues in mobile communications are receiving more and more attention, and higher requirements are placed on security in mobile communications. For the LTE (Long Term Evolution, Long Term Evolution) system, a terminal in LTE / S AE (System Architecture Evolution , System Architecture Evolution) mobile internal network, and LTE and other 3GPP (3 rd Generation Partnership Project, the Third Generation Partnership The problem of access security when the systems move with each other is the core key technology of LTE/SAE access security, and it is also the focus, hotspot and difficulty of current research of 3GPP SA3 (System and Business Working Group 3). It makes the process of moving EUTRAN (Evolved Universal Terrestrial Radio Access Network) products in the processing terminal more complicated, and may affect the performance of the wireless network in actual networking in the future, such as call drop rate, handover failure rate, etc. A major factor, therefore, the security issue in the mobile state has become the focus of attention of product line related units.
在 LTE系统中, 当发生同一个 MME ( Mobile Management Entity , 移动 管理实体)下两个 eNB ( evolved Node B , 演进的节点 B )之间的 X2切换时, 同样存在着密钥分发的安全问题。  In the LTE system, when an X2 handover between two eNBs (evolved Node Bs) of the same MME (Mobile Management Entity) occurs, there is also a security problem of key distribution.
目前的密钥分发方式为: 第一次切换执行横向密钥生成链, 后续的切换 执行纵向密钥生成链。  The current key distribution method is as follows: The first handover performs a horizontal key generation chain, and the subsequent handover performs a vertical key generation chain.
The prior-art key distribution method is described below with reference to the drawings. Assume that eNB A, eNB B and eNB C belong to the same MME and that the UE performs X2 handovers between the three eNBs. Figure 1 shows the key distribution flow of the first handover. With reference to Figure 1, when the UE is handed over from eNB A to eNB B for the first time, eNB A runs the horizontal key generation chain, as follows:
Step 101, the UE reports a Measurement Report to eNB A;
Step 102, eNB A makes a handover decision based on the measurement report reported by the UE and generates KeNB* = KDF(KeNB || PCI || EARFCN_DL);
Here KeNB is the shared key generated by the core network MME and sent to eNB A when the UE accesses eNB A, from which eNB A derives the AS (access stratum) keys. KDF (Key Derivation Function) is the key derivation function.
Step 103, eNB A sends a Handover Request to the target base station eNB B, forwarding {NCC, KeNB*} to eNB B;
Here NCC (Next Hop Chaining Counter) is the next-hop chaining counter.
Step 104, eNB B sets KeNB = KeNB*;
Step 105, eNB B returns a Handover Request Ack and places the NCC (at this time NCC = 0) in the transparent container of the Handover Request Ack message;
Step 106, eNB B sends a HO Command (handover command) to the UE, placing the NCC (at this time NCC = 0) in the transparent container of the HO Command message;
Step 107, the UE generates KeNB* = KDF(KeNB || PCI || EARFCN_DL) and sets KeNB = KeNB*;
Step 108, the UE sends a Handover Confirm to eNB B;
Step 109, after completing the handover signalling exchange with the UE, eNB B sends a Path Switch Request message to the MME;
Step 110, on receiving the Path Switch Request message, the MME increments its locally stored NCC value (previously NCC = 1) by 1, i.e. NCC = NCC + 1, and computes a new NH with the function defined in the security parameter specification, NH = KDF(K_ASME || NH_old), taking K_ASME and the locally stored NH value (NH_old) as inputs;
Step 111, the MME sends the newly computed {NCC, NH} pair (at this time NCC = 2) to the target eNB B in a Path Switch Ack message;
Step 112, eNB B stores the received {NCC, NH} pair for use in the next handover and deletes any other {NCC, NH} pairs it may hold but has not used;
Step 113, after the handover is complete, eNB B sends a Release Resource message to eNB A, instructing eNB A to release the resources associated with the UE.
Figure 2 shows the key distribution flow of the second handover. With reference to Figure 2, when the UE is handed over from eNB B to eNB C for the second time, eNB C uses the new {NH, NCC} and the vertical key generation chain is run:
Step 201, the UE reports a Measurement Report to eNB B;
Step 202, eNB B makes a handover decision and generates KeNB* = KDF(NH || PCI || EARFCN_DL);
Step 203, eNB B forwards {NCC, KeNB*} to the target eNB C in a Handover Request message (at this time NCC = 2);
Step 204, eNB C sets KeNB = KeNB*;
Steps 205 to 206, eNB C places the NCC in the transparent container of the HO Command message, which is forwarded to the UE via the source eNB B;
Step 207, the UE generates KeNB* from the NH corresponding to the NCC in the message, i.e. KeNB* = KDF(NH || PCI || EARFCN_DL), and sets KeNB = KeNB*;
The subsequent steps 208 to 213 correspond to steps 108 to 113 in Figure 1; the main difference is that the NCC differs between the two handovers, so they are not described again here.
It can be seen from the existing handover flow above that when the UE is handed over from eNB A to eNB B for the first time, eNB A can derive eNB B's key, and when the UE is handed over from eNB B to eNB C for the second time, eNB B can derive eNB C's key. eNB A, however, cannot derive eNB C's key; in other words, two hops are needed to achieve forward security. Forward security here means that, for a key KeNB shared between an eNB and a UE, that eNB cannot derive the key between the UE and another eNB.
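To make the two-hop property concrete, the following added Python model (not part of the patent; the KDF is an HMAC-SHA256 stand-in, the NH_0 = KeNB convention and all key and cell values are assumptions) runs the horizontal chain of Figure 1 and the vertical chain of Figure 2 and checks which keys eNB A can reproduce:

```python
import hmac
import hashlib

# Constructed test values (assumption), not real network parameters.
K_ASME = hashlib.sha256(b"constructed K_ASME").digest()
K_ENB_A = hashlib.sha256(b"constructed KeNB issued to eNB A").digest()
CELL_B = (b"\x00\x2a", b"\x00\x00\x07\xd0")   # (PCI, EARFCN_DL) of eNB B
CELL_C = (b"\x01\x0f", b"\x00\x00\x07\xd0")   # (PCI, EARFCN_DL) of eNB C


def kdf(*parts: bytes) -> bytes:
    """Stand-in KDF (assumption): HMAC-SHA256 over the concatenated inputs.
    The 3GPP KDF is HMAC-SHA256 based too, but its FC-code framing is not
    modelled here."""
    return hmac.new(b"toy-kdf-key", b"".join(parts), hashlib.sha256).digest()


def nh_at(k_asme: bytes, k_enb_initial: bytes, ncc: int) -> bytes:
    """NH for a given NCC, iterating NH = KDF(K_ASME || NH_old) from step 110.
    NH_0 is taken to be the initial KeNB (convention assumed here)."""
    nh = k_enb_initial
    for _ in range(ncc):
        nh = kdf(k_asme, nh)
    return nh


def horizontal(k_enb: bytes, cell: tuple) -> bytes:
    """Step 102: KeNB* = KDF(KeNB || PCI || EARFCN_DL)."""
    return kdf(k_enb, *cell)


def vertical(nh: bytes, cell: tuple) -> bytes:
    """Step 202: KeNB* = KDF(NH || PCI || EARFCN_DL)."""
    return kdf(nh, *cell)


def simulate_two_handovers() -> dict:
    """Hop 1 (A -> B, horizontal) and hop 2 (B -> C, vertical)."""
    # Hop 1: eNB A derives horizontally, eNB B adopts KeNB = KeNB* (step 104).
    k_b = horizontal(K_ENB_A, CELL_B)
    # Path Switch: the MME steps NCC 1 -> 2 and hands {NCC=2, NH_2} to eNB B.
    nh_2 = nh_at(K_ASME, K_ENB_A, 2)
    # Hop 2: eNB B derives vertically from NH_2; eNB C adopts it (step 204).
    k_c = vertical(nh_2, CELL_C)
    # eNB A knows KeNB and the public cell parameters, so it can reproduce
    # eNB B's key. It never sees K_ASME or NH_2, so repeating the horizontal
    # derivation from k_b does not give eNB C's key: forward security only
    # holds after the second hop.
    a_derives_b = horizontal(K_ENB_A, CELL_B) == k_b
    a_derives_c = horizontal(horizontal(K_ENB_A, CELL_B), CELL_C) == k_c
    return {"eNB_A_derives_eNB_B_key": a_derives_b,
            "eNB_A_derives_eNB_C_key": a_derives_c}


if __name__ == "__main__":
    print(simulate_two_handovers())
```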
In summary, key distribution in existing handovers has the following problems:
1. When the UE performs an X2 handover between eNBs, the target eNB's key KeNB is computed and supplied by the source eNB; once the source eNB is compromised, the target eNB's key KeNB may therefore be obtained during the X2 handover, which is very insecure;
2. The current key distribution mechanism needs at least two hops to achieve forward security and cannot achieve one-hop forward security.
Summary of the invention
The technical problem solved by the present invention is to provide a key distribution method and system for handover that can achieve one-hop forward security.
To solve the above technical problem, the present invention provides a key distribution method for handover, the method comprising:
when a terminal is handed over between a source base station and a target base station, the target base station requests key generation information from the core network;
the target base station generates a key from the key generation information provided by the core network, the key being used to derive the access stratum keys.
Optionally, the key generation information comprises the intermediate key (NH) value corresponding to a next hop chaining counter (NCC);
in the step in which the target base station generates a key from the key generation information provided by the core network, the target base station generates the key KeNB from the NH value.
Optionally, the step in which the target base station requests key generation information from the core network comprises:
on receiving a handover request sent by the source base station, the target base station generates a second NCC value from the first NCC value contained in the handover request and sends a handover NCC request containing the second NCC value to the mobility management entity of the core network;
on receiving the handover NCC request, the mobility management entity determines the NH value from the second NCC value it contains and the locally stored NCC value, and sends it to the target base station in a handover NCC response.
Optionally, the step in which the mobility management entity determines the NH value from the second NCC value and the locally stored NCC value comprises:
the mobility management entity compares the second NCC value with the locally stored NCC value;
if the second NCC value equals the locally stored NCC value, the NH value corresponding to the second NCC value is taken as the NH value;
if the second NCC value is greater than the locally stored NCC value, the locally stored NCC value is set to the second NCC value, and the NH value corresponding to the second NCC value is computed and taken as the NH value;
if the second NCC value is less than the locally stored NCC value, the locally stored NCC value is incremented once, and the NH value corresponding to the incremented NCC value is computed and taken as the NH value.
Optionally, the handover NCC response sent by the mobility management entity to the target base station also contains the NCC value corresponding to the NH value; the target base station stores the NCC value on receipt and forwards it to the terminal;
the terminal computes the NH value corresponding to the NCC value sent by the target base station and computes KeNB from the computed NH value.
Optionally, the target base station computes the second NCC value by the following formula:
NCC2 = KDF(NCC1 || KeNB* || CRNTI), if KDF(NCC1 || KeNB* || CRNTI) ≠ NCC_max;
NCC2 = KDF(NCC1 || KeNB* || CRNTI) - 1, if KDF(NCC1 || KeNB* || CRNTI) = NCC_max;
where NCC1 is the first NCC value, NCC2 is the second NCC value, NCC_max is the maximum value of the NCC range, and CRNTI is the cell radio network temporary identifier.
Optionally, when the second NCC value is less than the NCC value stored locally by the mobility management entity, if the locally stored NCC value after incrementing would equal the maximum value of the NCC range, the NH value corresponding to the locally stored NCC value is computed directly and taken as the NH value.
Optionally, the NCC takes values from 0 to 63 inclusive.
Optionally, a key distribution system for handover comprises a base station and a core network, the base station comprising a key information requesting unit and a key generating unit, and the core network comprising a key information providing unit, wherein:
the key information requesting unit is configured to request key generation information from the core network on receiving a handover request for a terminal to be handed in;
the key information providing unit is configured to provide key generation information to the key information requesting unit on its request;
the key generating unit is configured to generate a key from the key generation information provided by the key information providing unit, the key being used to derive the access stratum keys.
Optionally, the key generation information comprises the NH value corresponding to the NCC, and the key generated by the key generating unit is KeNB;
the key information requesting unit is further configured to generate a second NCC value from the first NCC value contained in the handover request, and to request key generation information from the core network by sending a handover NCC request containing the second NCC value to the mobility management entity of the core network;
the key information providing unit is further configured to, on receiving the handover NCC request, determine the NH value from the second NCC value it contains and the locally stored NCC value, and send it to the key information requesting unit in a handover NCC response.
Optionally, the key information providing unit is further configured to determine the NH value from the second NCC value and the locally stored NCC value as follows:
compare the second NCC value with the locally stored NCC value;
if the second NCC value equals the locally stored NCC value, take the NH value corresponding to the second NCC value as the NH value;
if the second NCC value is greater than the locally stored NCC value, set the locally stored NCC value to the second NCC value, compute the NH value corresponding to the second NCC value and take it as the NH value;
if the second NCC value is less than the locally stored NCC value, increment the locally stored NCC value once, compute the NH value corresponding to the incremented NCC value and take it as the NH value.
Optionally, the system further comprises a terminal, the terminal comprising a key calculating unit;
the key information providing unit is further configured to include, in the handover NCC response sent to the key information requesting unit, the NCC value corresponding to the determined NH value;
the key information requesting unit is further configured to store the NCC value on receipt and forward it to the terminal; the key calculating unit is configured to compute the NH value corresponding to the NCC value sent by the key information requesting unit and to compute KeNB from the computed NH value.
The present invention further provides a base station in a key distribution system for handover, comprising a key information requesting unit and a key generating unit, wherein:
the key information requesting unit is configured to request key generation information from the core network of the key distribution system on receiving a handover request for a terminal to be handed in;
the key generating unit is configured to generate a key from the key generation information that the core network provides at the request of the key information requesting unit, the key being used to derive the access stratum keys.
Optionally, the key generation information comprises the intermediate key (NH) value corresponding to a next hop chaining counter (NCC), and the key generated by the key generating unit is KeNB;
the key information requesting unit is further configured to generate a second NCC value from the first NCC value contained in the handover request, to request key generation information from the core network by sending a handover NCC request containing the second NCC value to the mobility management entity of the core network, and to receive the handover NCC response sent by the core network, which contains the NH value the core network determined from the second NCC value and the locally stored NCC value.
The present invention further provides a terminal in a key distribution system for handover, comprising a key calculating unit configured to compute the intermediate key (NH) value corresponding to the next hop chaining counter (NCC) value sent by a base station of the key distribution system, and to compute the key KeNB from the computed NH value.
In the key distribution scheme proposed by the present invention, the MME provides the target eNB with the material for generating the key, and the target eNB generates the key KeNB. Thus, during an X2 handover, even if the source eNB is compromised, the target eNB's key KeNB cannot be obtained, which solves the security problem of key distribution during handover and achieves one-hop forward security.
Brief description of the drawings
The drawings provide a further explanation of the invention and form part of the description; together with the embodiments they serve to explain the invention and do not limit it. In the drawings:
Figure 1 is a schematic diagram of the prior-art key distribution flow for the first handover;
Figure 2 is a schematic diagram of the prior-art key distribution flow for the second handover; and
Figure 3 is a schematic diagram of the key distribution flow for handover according to an embodiment of the present invention.
Preferred embodiments of the invention
The core idea of the present invention is that, in an X2 handover, the target eNB interacts with the MME, the MME provides the target eNB with the material for generating the key, and the target eNB generates the key. This ensures that the source eNB cannot derive the key between the target eNB and the UE, achieving one-hop forward security.
Based on this idea, the present invention provides a key distribution method for handover using the following technical scheme:
when a terminal is handed over between a source base station and a target base station, the target base station requests key generation information from the core network;
the target base station generates a key from the key generation information provided by the core network, the key being used to derive the access stratum keys.
Optionally, the key generation information comprises the NH value corresponding to the NCC, and the key the target base station generates from the NH value is KeNB.
Optionally, the target base station requesting key generation information from the core network specifically comprises: on receiving the handover request sent by the source base station, the target base station generates a second NCC value from the first NCC value contained in the handover request and sends a handover NCC request containing the second NCC value to the mobility management entity of the core network;
on receiving the handover NCC request, the mobility management entity determines the corresponding NH value from the second NCC value it contains and the locally stored NCC value, and sends it to the target base station in a handover NCC response.
Optionally, the mobility management entity determining the corresponding NH value from the second NCC value and the locally stored NCC value specifically comprises:
the mobility management entity compares the second NCC value with the locally stored NCC value; if the second NCC value equals the locally stored NCC value, the NH value corresponding to the second NCC value is taken as the corresponding NH value;
if the second NCC value is greater than the locally stored NCC value, the locally stored NCC value is set to the second NCC value, and the NH value corresponding to the second NCC value is computed and taken as the corresponding NH value;
if the second NCC value is less than the locally stored NCC value, the locally stored NCC value is incremented once, and the NH value corresponding to the incremented NCC value is computed and taken as the corresponding NH value. Optionally, the NCC takes values from 0 to 63 inclusive.
Optionally, the target base station computes the second NCC value by the following formula:
NCC2 = KDF(NCC1 || KeNB* || CRNTI), if KDF(NCC1 || KeNB* || CRNTI) ≠ NCC_max;
NCC2 = KDF(NCC1 || KeNB* || CRNTI) - 1, if KDF(NCC1 || KeNB* || CRNTI) = NCC_max;
where NCC1 is the first NCC value, NCC2 is the second NCC value, NCC_max is the maximum value of the NCC range, and CRNTI (Cell Radio Network Temporary Identifier) is the cell radio network temporary identifier.
Optionally, when the second NCC value is less than the NCC value stored locally by the mobility management entity, if the locally stored NCC value after incrementing would equal the maximum value of the NCC range, the NH value corresponding to the locally stored NCC value is computed directly and taken as the corresponding NH value.
Optionally, the terminal computes the NH value corresponding to the NCC value sent by the target base station and computes KeNB from the computed NH value.
The implementation of the technical scheme of the present invention is described in further detail below with reference to the drawings and a specific example.
Figure 3 is a schematic flow diagram of the key distribution method for handover according to an embodiment of the present invention. As shown in Figure 3, the flow of this embodiment is as follows:
Step 301, the UE reports a Measurement Report;
Step 302, the source eNB makes a handover decision based on the Measurement Report reported by the UE and generates KeNB*;
in this step, if this is the first handover, KeNB* = KDF(KeNB || PCI || EARFCN_DL); otherwise KeNB* = KDF(NH || PCI || EARFCN_DL);
Step 303, the source eNB sends a Handover Request to the target eNB, forwarding {NCC, KeNB*} to the target eNB in the Handover Request message;
Step 304, the target eNB generates NCC* = KDF(NCC || KeNB* || CRNTI);
preferably, to better protect the key, the present invention extends the standard NCC range [0, 7], for example to [0, 63], so that the source eNB cannot derive the target eNB's key from the small number of possible NCC values. Further, preferably, if the NCC* generated by the target eNB in this step is the maximum value of the range, NCC* = NCC* - 1 is used, so that the NCC does not wrap around.
Step 305, the target eNB sends a Handover NCC Request message carrying the generated NCC* to the MME;
Step 306, on receiving the Handover NCC Request message, the MME compares its local NCC value with the NCC* value in the message and determines the NH value as follows:
(i) if NCC* = NCC, the MME sets NCC = NCC* and takes the NH corresponding to NCC as the NH value;
(ii) if NCC* > NCC, the MME sets NCC = NCC*, iteratively computes the NH* corresponding to NCC with the function defined in the security parameter specification, and sets NH = NH*;
(iii) if NCC* < NCC, the MME sets NCC = NCC + 1, the purpose being to generate NH in the direction of increasing NCC.
Further, for case (iii), to ensure that the NCC does not wrap around when the vertical key generation method is used: how the NCC value should be handled when it reaches its maximum or a threshold value, and whether it is reset to 0, is not clearly specified in the current protocol. To keep the NCC from wrapping, the present invention therefore defines the following handling: if the NCC after the increment NCC + 1 is the maximum value of the range, then NCC = NCC - 1, NH* is computed with the KDF(K_ASME || NH) defined in the specification, and NH = NH*.
Step 307, the MME sends a Handover NCC Response message containing {NCC, NH} to the target eNB;
Step 308, the target eNB stores the received NCC value and generates KeNB from the received NH value, KeNB = KDF(NH || PCI || EARFCN_DL);
Step 309, the target eNB returns a Handover Request Ack to the source eNB and includes the NCC value received from the MME in the Handover Request Ack message;
Step 310, the source eNB sends the NCC to the UE in a Handover Command message;
Step 311, on receiving the Handover Command message containing the NCC value, the UE increments its NCC value until it matches the NCC value in the Handover Command message, then iteratively computes the NH corresponding to the NCC with the function defined in the security parameter specification and computes KeNB from that NH value, KeNB = KDF(NH || PCI || EARFCN_DL);
It should be noted that the present invention does not require any change to the UE's existing key generation logic: the UE need not be concerned with how the NCC value sent by the target eNB was determined, and simply determines the NH value corresponding to the NCC value with the existing iterative computation and then computes KeNB.
Step 312, the UE returns a Handover Confirm message to the target eNB;
Step 313, after completing the handover signalling exchange with the UE, the target eNB sends a Path Switch Request message to the MME;
Step 314, the MME sends a Path Switch Request Ack to the target eNB; this message no longer carries {NCC, NH};
Step 315, after the handover is complete, the target eNB sends a Release Resource message to the source eNB, instructing the source eNB to release the resources associated with the UE.
It can be seen from the above flow that in step 304 the target eNB generates an NCC* from the NCC value sent by the source eNB, and in steps 306 to 308 the MME determines the NH value and sends it to the target eNB, which generates the key from the NH value provided by the MME. The source eNB therefore cannot derive the key KeNB between the target eNB and the UE, and one-hop forward security is achieved.
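The following added Python model (not the patent's own code; the KDF is an HMAC-SHA256 stand-in, the fold of NCC* into [0, 63], the NH_0 = KeNB convention and all key and cell values are assumptions) covers steps 304 to 311 and the three cases of step 306, including the no-wrap rule at the top of the range, and checks that the UE and the target eNB agree on KeNB while the KeNB* held by the source eNB is no longer that key:

```python
import hmac
import hashlib

NCC_MAX = 63  # extended NCC range [0, 63] proposed in step 304

# Constructed test values (assumption), not real network parameters.
K_ASME = hashlib.sha256(b"constructed K_ASME").digest()
K_ENB_INITIAL = hashlib.sha256(b"constructed KeNB issued at attach").digest()
TGT_CELL = (b"\x01\x0f", b"\x00\x00\x07\xd0")   # target (PCI, EARFCN_DL)
CRNTI = b"\x3a\x5b"                             # constructed C-RNTI


def kdf(*parts: bytes) -> bytes:
    """Stand-in KDF (assumption): HMAC-SHA256 over the concatenated inputs.
    The 3GPP KDF is HMAC-SHA256 based too, but its FC-code framing is not
    modelled here."""
    return hmac.new(b"toy-kdf-key", b"".join(parts), hashlib.sha256).digest()


class NHChain:
    """{NCC, NH} state shared by MME and UE. NH_0 is taken to be the initial
    KeNB (convention assumed here); NH_n = KDF(K_ASME || NH_{n-1}) as in
    step 110 of the prior-art flow."""

    def __init__(self, k_asme: bytes, k_enb_initial: bytes, ncc: int = 0):
        self.k_asme, self.ncc, self.nh = k_asme, 0, k_enb_initial
        self.advance_to(ncc)

    def advance_to(self, ncc: int) -> bytes:
        """Iterate the chain forward until the counter reaches ncc."""
        while self.ncc < ncc:
            self.nh = kdf(self.k_asme, self.nh)
            self.ncc += 1
        return self.nh


class MME(NHChain):
    def handover_ncc_request(self, ncc_star: int) -> tuple:
        """Step 306: choose the {NCC, NH} pair sent in Handover NCC Response."""
        if ncc_star > self.ncc:                  # case (ii): jump to NCC*
            self.advance_to(ncc_star)
        elif ncc_star < self.ncc:                # case (iii): one step up...
            if self.ncc + 1 != NCC_MAX:          # ...unless that would be the
                self.advance_to(self.ncc + 1)    #    maximum (no wrap-around)
        # case (i): NCC* == NCC keeps the stored pair
        return self.ncc, self.nh


def target_ncc_star(ncc1: int, k_enb_star: bytes, crnti: bytes) -> int:
    """Step 304: NCC* = KDF(NCC || KeNB* || CRNTI). Folding the KDF output
    into [0, NCC_MAX] by taking its first byte mod 64 is an assumption; the
    page gives only the inputs. A result equal to NCC_MAX becomes NCC_MAX-1."""
    value = kdf(bytes([ncc1]), k_enb_star, crnti)[0] % (NCC_MAX + 1)
    return value - 1 if value == NCC_MAX else value


def x2_handover(mme: MME, ue: NHChain, src_ncc: int, k_enb_star: bytes) -> dict:
    """Steps 303 to 311 seen from the key-derivation side."""
    ncc_star = target_ncc_star(src_ncc, k_enb_star, CRNTI)   # step 304
    ncc, nh = mme.handover_ncc_request(ncc_star)             # steps 305-307
    k_target = kdf(nh, *TGT_CELL)                            # step 308
    k_ue = kdf(ue.advance_to(ncc), *TGT_CELL)                # step 311
    # In the prior art the target simply adopted KeNB* (step 104), so the
    # source eNB knew the target key. Here the source still holds KeNB*,
    # NCC and the public cell parameters but not K_ASME, so it cannot
    # reach NH, and KeNB* is not the key the target derived.
    return {"ncc": ncc, "ue_matches_target": k_ue == k_target,
            "source_holds_target_key": k_enb_star == k_target}


def ncc_cases() -> tuple:
    """Returned NCC for each branch of step 306, from stored NCC = 5 or 62."""
    equal = MME(K_ASME, K_ENB_INITIAL, ncc=5).handover_ncc_request(5)[0]
    above = MME(K_ASME, K_ENB_INITIAL, ncc=5).handover_ncc_request(9)[0]
    below = MME(K_ASME, K_ENB_INITIAL, ncc=5).handover_ncc_request(2)[0]
    at_edge = MME(K_ASME, K_ENB_INITIAL, ncc=62).handover_ncc_request(2)[0]
    return equal, above, below, at_edge


if __name__ == "__main__":
    # After attach the MME holds NCC = 1 (as in step 110); the UE sits at 0.
    mme, ue = MME(K_ASME, K_ENB_INITIAL, ncc=1), NHChain(K_ASME, K_ENB_INITIAL)
    k_enb_star = kdf(K_ENB_INITIAL, *TGT_CELL)    # step 302, first handover
    print(x2_handover(mme, ue, 0, k_enb_star))
    print(ncc_cases())                            # (5, 9, 6, 62)
```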
The handover key distribution system of this embodiment includes a base station and a core network. The base station includes a key information requesting unit and a key generating unit; the core network includes a key information providing unit. The key information requesting unit is configured to request key generation information from the core network when it receives a handover request for a terminal to hand in;
the key information providing unit is configured to provide key generation information to the key information requesting unit upon its request;
the key generating unit is configured to generate a key from the key generation information provided by the key information providing unit; this key is used to derive the access stratum (AS) keys.
The key generation information includes the NH value corresponding to the NCC, and the key generated by the key generating unit is KeNB. The key information requesting unit is further configured to generate a second NCC value from the first NCC value contained in the handover request, and to request key generation information from the core network by sending a Handover NCC Request to the core-network mobility management entity, the Handover NCC Request containing the second NCC value;
the key information providing unit is further configured, on receiving the Handover NCC Request, to determine the NH value from the second NCC value it contains and the locally saved NCC value, and to send that NH value to the key information requesting unit in a Handover NCC Response.
The key information providing unit is further configured to determine the NH value from the second NCC value and the locally saved NCC value as follows:
compare the second NCC value with the locally saved NCC value;
if the second NCC value equals the locally saved NCC value, the NH value corresponding to the second NCC value is taken as the NH value;
if the second NCC value is greater than the locally saved NCC value, the locally saved NCC value is set to the second NCC value, and the NH value corresponding to the second NCC value is computed and taken as the NH value; if the second NCC value is less than the locally saved NCC value, the locally saved NCC value is incremented, and the NH value corresponding to the incremented NCC value is computed and taken as the NH value.
The system further includes a terminal, and the terminal includes a key calculating unit.
The key information providing unit is further configured to also include, in the Handover NCC Response sent to the key information requesting unit, the NCC value corresponding to the determined NH value;
the key information requesting unit is further configured to save the NCC value on receipt and forward it to the terminal; the key calculating unit is configured to compute the NH value corresponding to the NCC value received from the key information requesting unit, and to compute KeNB from the computed NH value.
The present invention also provides a base station in a handover key distribution system, including a key information requesting unit and a key generating unit, wherein:
the key information requesting unit is configured to request key generation information from the core network of the handover key distribution system when it receives a handover request for a terminal to hand in;
the key generating unit is configured to generate a key from the key generation information that the core network provides in response to the request of the key information requesting unit; this key is used to derive the access stratum keys. Optionally, the key generation information includes the intermediate key (NH) value corresponding to a Next Hop Chaining Counter (NCC), and the key generated by the key generating unit is KeNB;
the key information requesting unit is further configured to generate a second NCC value from the first NCC value contained in the handover request, to request key generation information from the core network by sending a Handover NCC Request containing the second NCC value to the core-network mobility management entity, and to receive the Handover NCC Response sent by the core network, which contains the NH value the core network determined from the second NCC value and the locally saved NCC value.
The present invention also provides a terminal in a handover key distribution system, including a key calculating unit configured to compute the intermediate key (NH) value corresponding to the Next Hop Chaining Counter (NCC) value sent by the base station of the handover key distribution system, and to compute the key KeNB from the computed NH value.
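The exchange described above, as an added worked example that is not code from the patent or its applicant: the target eNB derives a second NCC value from the source eNB's NCC1, KeNB* and C-RNTI, the MME resolves it against its locally saved NCC and answers with (NCC, NH), the target eNB derives KeNB from that NH, and the UE recomputes the same NH from the forwarded NCC. It also covers the NCC2 formula of claim 6, the comparison rules of claims 4 and 7 and the 0..63 range of claim 8 in the claims below. Everything the page does not state is an assumption here: the KDF (HMAC-SHA256 over length-prefixed inputs), an NH chain anchored on KASME and advanced one KDF step per NCC, binding KeNB to a target-cell identifier, reducing the KDF output in the NCC2 formula to the 0..63 range, and wrapping an incremented NCC past 63 back to 0.

```python
import hashlib
import hmac

NCC_MAX = 63  # claim 8: NCC takes values 0..63


def kdf(key: bytes, *parts: bytes) -> bytes:
    """Stand-in KDF (HMAC-SHA256 over length-prefixed inputs); the page fixes no KDF."""
    msg = b"".join(len(p).to_bytes(2, "big") + p for p in parts)
    return hmac.new(key, msg, hashlib.sha256).digest()


def derive_kenb(nh: bytes, cell_id: bytes) -> bytes:
    """KeNB from the NH (page) bound to a target-cell identifier (assumption)."""
    return kdf(nh, b"KeNB", cell_id)


class NhChain:
    """NH chain known to MME and UE only; both hold KASME, the eNBs do not."""

    def __init__(self, kasme: bytes) -> None:
        self.kasme = kasme

    def nh_for(self, ncc: int) -> bytes:
        """NH value corresponding to an NCC value (the chain rule is an assumption)."""
        if not 0 <= ncc <= NCC_MAX:
            raise ValueError(f"NCC {ncc} outside 0..{NCC_MAX}")
        nh = kdf(self.kasme, b"NH0")            # assumed chain anchor
        for _ in range(ncc):
            nh = kdf(self.kasme, nh)             # assumed: NH(n) = KDF(KASME, NH(n-1))
        return nh


class MME:
    """Key information providing unit (claims 3, 4 and 7)."""

    def __init__(self, kasme: bytes, local_ncc: int = 0) -> None:
        self.chain = NhChain(kasme)
        self.local_ncc = local_ncc               # locally saved NCC value

    def handover_ncc_request(self, ncc2: int) -> tuple:
        """Handle a Handover NCC Request; return the (NCC, NH) of the Handover NCC Response."""
        if ncc2 > self.local_ncc:
            self.local_ncc = ncc2                # greater: adopt the second NCC value
        elif ncc2 < self.local_ncc:
            # smaller: increment the saved NCC (claim 4); a value that reaches the
            # maximum is used directly (claim 7); wrapping past 63 is an assumption
            self.local_ncc = (self.local_ncc + 1) % (NCC_MAX + 1)
        # equal: keep the saved NCC and answer with its NH
        return self.local_ncc, self.chain.nh_for(self.local_ncc)


class TargetENB:
    """Key information requesting unit and key generating unit (claims 3 and 6)."""

    def __init__(self, mme: MME, cell_id: bytes) -> None:
        self.mme = mme
        self.cell_id = cell_id
        self.ncc = None
        self.kenb = None

    @staticmethod
    def second_ncc(ncc1: int, kenb_star: bytes, crnti: bytes) -> int:
        """Claim 6: NCC2 = KDF(NCC1 || KeNB* || CRNTI), minus one if it equals NCC_MAX."""
        v = kdf(kenb_star, bytes([ncc1]), crnti)[0] & NCC_MAX   # reduce to 0..63 (assumption)
        return v - 1 if v == NCC_MAX else v

    def handover_request(self, ncc1: int, kenb_star: bytes, crnti: bytes) -> int:
        """Handle the source eNB's Handover Request; return the NCC forwarded to the UE."""
        ncc2 = self.second_ncc(ncc1, kenb_star, crnti)
        self.ncc, nh = self.mme.handover_ncc_request(ncc2)
        self.kenb = derive_kenb(nh, self.cell_id)  # KeNB from the MME-provided NH, not from KeNB*
        return self.ncc


class UE:
    """Key calculating unit (claims 5 and 15): NCC -> NH -> KeNB."""

    def __init__(self, kasme: bytes, target_cell_id: bytes) -> None:
        self.chain = NhChain(kasme)
        self.target_cell_id = target_cell_id

    def on_handover_command(self, ncc: int) -> bytes:
        return derive_kenb(self.chain.nh_for(ncc), self.target_cell_id)


def run_x2_handover() -> dict:
    """Constructed sample X2 handover; returns what each side ends up holding."""
    kasme = hashlib.sha256(b"constructed KASME").digest()
    kenb_star = hashlib.sha256(b"constructed KeNB* from the source eNB").digest()
    crnti, target_cell, ncc1 = b"\x12\x34", b"cell-42", 2
    mme = MME(kasme, local_ncc=2)
    target = TargetENB(mme, target_cell)
    ue = UE(kasme, target_cell)
    ncc_to_ue = target.handover_request(ncc1, kenb_star, crnti)
    return {
        "ncc": ncc_to_ue,
        "kenb_target": target.kenb,
        "kenb_ue": ue.on_handover_command(ncc_to_ue),
        "source_view": kenb_star,   # everything the source eNB handed over
    }
```

The comparison logic lives entirely in the MME: the source eNB only ever sees KeNB* and NCC1, and nothing it forwards lets it recompute the NH from which the target eNB's KeNB is derived, which is the one-hop forward security property the page claims. `run_x2_handover()` returns matching KeNB values for the target eNB and the UE and an unrelated KeNB* for the source eNB; note that the "equal" branch and the wrap of an NCC incremented past 63 are the two cases a reviewer should check against the operator's own NH chain rules, since the page leaves the wrap behaviour unstated.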
The above are only preferred embodiments of the present invention and are not intended to limit it; those skilled in the art may make various modifications and variations. Any modification, equivalent substitution or improvement made within the spirit and principles of the present invention shall fall within its scope of protection.
Those of ordinary skill in the art will appreciate that all or part of the steps of the above method may be carried out by a program instructing the relevant hardware, the program being stored on a computer-readable storage medium such as a read-only memory, a magnetic disk or an optical disc. Alternatively, all or part of the steps of the above embodiments may be implemented using one or more integrated circuits. Correspondingly, each module/unit in the above embodiments may be implemented in hardware or as a software functional module. The present invention is not limited to any particular combination of hardware and software.
Industrial Applicability
The present invention provides a handover key distribution method and system: when a terminal is handed over between a source base station and a target base station, the target base station requests key generation information from the core network and generates, from the key generation information provided by the core network, a key used to derive the access stratum keys, thereby solving the security problem of key distribution during handover. In the key distribution scheme proposed by the present invention, the MME supplies the target eNB with the material for key generation and the target eNB generates the KeNB key; thus, in an X2 handover, even if the source eNB is compromised, the target eNB's key KeNB cannot be obtained, which solves the security problem of key distribution during handover and achieves one-hop forward security.

Claims

1. A handover key distribution method, comprising:
when a terminal is handed over between a source base station and a target base station, the target base station requesting key generation information from a core network; and
the target base station generating a key from the key generation information provided by the core network, the key being used to derive access stratum keys.
2. The method of claim 1, wherein
the key generation information includes an intermediate key (NH) value corresponding to a Next Hop Chaining Counter (NCC); and
in the step of the target base station generating a key from the key generation information provided by the core network, the target base station generates the key KeNB from the NH value.
3. The method of claim 2, wherein
the step of the target base station requesting key generation information from the core network comprises:
when the target base station receives a handover request sent by the source base station, generating a second NCC value from a first NCC value contained in the handover request, and sending a Handover NCC Request containing the second NCC value to a core-network mobility management entity; and
when the mobility management entity receives the Handover NCC Request, determining the NH value from the second NCC value it contains and a locally saved NCC value, and sending the NH value to the target base station in a Handover NCC Response.
4. The method of claim 3, wherein
the step of the mobility management entity determining the NH value from the second NCC value and the locally saved NCC value comprises:
the mobility management entity comparing the second NCC value with the locally saved NCC value;
if the second NCC value equals the locally saved NCC value, taking the NH value corresponding to the second NCC value as the NH value;
if the second NCC value is greater than the locally saved NCC value, setting the locally saved NCC value to the second NCC value, computing the NH value corresponding to the second NCC value and taking it as the NH value; and
if the second NCC value is less than the locally saved NCC value, incrementing the locally saved NCC value and taking the NH value corresponding to the incremented NCC value as the NH value.
5. The method of claim 3 or 4, wherein
the Handover NCC Response sent by the mobility management entity to the target base station further contains the NCC value corresponding to the NH value; the target base station saves the NCC value on receipt and forwards it to the terminal; and
the terminal computes the NH value corresponding to the NCC value sent by the target base station, and computes the KeNB from the computed NH value.
6. The method of claim 3, wherein the target base station computes the second NCC value according to the following formula:
$$
NCC_2 = \begin{cases}
KDF(NCC_1 \,\|\, K_{eNB}^{*} \,\|\, CRNTI), & KDF(NCC_1 \,\|\, K_{eNB}^{*} \,\|\, CRNTI) \neq NCC_{max} \\
KDF(NCC_1 \,\|\, K_{eNB}^{*} \,\|\, CRNTI) - 1, & KDF(NCC_1 \,\|\, K_{eNB}^{*} \,\|\, CRNTI) = NCC_{max}
\end{cases}
$$
where $NCC_1$ is the first NCC value, $NCC_2$ is the second NCC value, $NCC_{max}$ is the maximum value of the NCC range, and CRNTI is the Cell Radio Network Temporary Identifier.
7. The method of claim 4, wherein
when the second NCC value is less than the NCC value locally saved by the mobility management entity, if the locally saved NCC value after being incremented equals the maximum value of the NCC range, the NH value corresponding to that locally saved NCC value is computed directly and taken as the NH value.
8. The method of claim 6 or 7, wherein
the NCC takes values from 0 to 63 inclusive.
9. A handover key distribution system, comprising a base station and a core network, the base station including a key information requesting unit and a key generating unit, and the core network including a key information providing unit, wherein: the key information requesting unit is configured to request key generation information from the core network when it receives a handover request for a terminal to hand in; the key information providing unit is configured to provide key generation information to the key information requesting unit upon its request; and
the key generating unit is configured to generate a key from the key generation information provided by the key information providing unit, the key being used to derive access stratum keys.
10. The system of claim 9, wherein the key generation information includes the NH value corresponding to the NCC, and the key generated by the key generating unit is KeNB;
the key information requesting unit is further configured to generate a second NCC value from the first NCC value contained in the handover request, and to request key generation information from the core network by sending a Handover NCC Request containing the second NCC value to the core-network mobility management entity; and the key information providing unit is further configured, on receiving the Handover NCC Request, to determine the NH value from the second NCC value it contains and the locally saved NCC value, and to send it to the key information requesting unit in a Handover NCC Response.
11. The system of claim 10, wherein
the key information providing unit is further configured to determine the NH value from the second NCC value and the locally saved NCC value as follows:
comparing the second NCC value with the locally saved NCC value;
if the second NCC value equals the locally saved NCC value, taking the NH value corresponding to the second NCC value as the NH value;
if the second NCC value is greater than the locally saved NCC value, setting the locally saved NCC value to the second NCC value, computing the NH value corresponding to the second NCC value and taking it as the NH value; and
if the second NCC value is less than the locally saved NCC value, incrementing the locally saved NCC value and taking the NH value corresponding to the incremented NCC value as the NH value.
12. The system of claim 10 or 11, further comprising a terminal, the terminal including a key calculating unit, wherein
the key information providing unit is further configured to also include, in the Handover NCC Response sent to the key information requesting unit, the NCC value corresponding to the determined NH value; the key information requesting unit is further configured to save the NCC value on receipt and forward it to the terminal; and
the key calculating unit is configured to compute the NH value corresponding to the NCC value received from the key information requesting unit, and to compute KeNB from the computed NH value.
13. A base station in a handover key distribution system, comprising a key information requesting unit and a key generating unit, wherein:
the key information requesting unit is configured to request key generation information from the core network of the handover key distribution system when it receives a handover request for a terminal to hand in; and
the key generating unit is configured to generate a key from the key generation information that the core network provides in response to the request of the key information requesting unit, the key being used to derive access stratum keys.
14. The base station of claim 13, wherein the key generation information includes an intermediate key (NH) value corresponding to a Next Hop Chaining Counter (NCC), and the key generated by the key generating unit is KeNB;
the key information requesting unit is further configured to generate a second NCC value from the first NCC value contained in the handover request, to request key generation information from the core network by sending a Handover NCC Request containing the second NCC value to the core-network mobility management entity, and to receive the Handover NCC Response sent by the core network, which contains the NH value the core network determined from the second NCC value and the locally saved NCC value.
15. A terminal in a handover key distribution system, comprising a key calculating unit configured to compute the intermediate key (NH) value corresponding to the Next Hop Chaining Counter (NCC) value sent by a base station of the handover key distribution system, and to compute the key KeNB from the computed NH value.

Applications Claiming Priority (2)

Application Number Priority Date Filing Date Title
CN201010236671.X 2010-07-22
CN201010236671.XA CN102340774B (en) 2010-07-22 2010-07-22 A kind of cryptographic key distribution method of switching and system

Publications (1)

Publication Number Publication Date
WO2012009972A1 true WO2012009972A1 (en) 2012-01-26

Family

ID=45496481

Family Applications (1)

Application Number Title Priority Date Filing Date
PCT/CN2011/070533 WO2012009972A1 (en) 2010-07-22 2011-01-24 Key distribution method and system for handover

Country Status (2)

Country Link
CN (1) CN102340774B (en)
WO (1) WO2012009972A1 (en)

Cited By (2)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
US20190141585A1 (en) * 2013-12-27 2019-05-09 Huawei Technologies Co., Ltd. Method of Distributing Security Key Context, Mobility Management Entity, and Base Station
US11566118B2 (en) 2016-02-18 2023-01-31 Starlite Co., Ltd. Nanofiber dispersion, method of producing nanofiber dispersion, powdery nanofibers obtainable from the dispersion, resin composition containing the powdery nanofibers ad molding material for 3D printer using the resin composition

Families Citing this family (4)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
US9351160B2 (en) 2012-05-07 2016-05-24 Telefonaktiebolaget L M Ericsson (Publ) Base station and method in relay node mobility
EP2896233A4 (en) * 2012-09-12 2016-05-11 Nokia Technologies Oy Method and apparatus for mobility control in a heterogenous network
CN111148279B (en) * 2018-11-02 2022-02-25 华为技术有限公司 Connection reestablishment method and device
WO2020155157A1 (en) * 2019-02-02 2020-08-06 Oppo广东移动通信有限公司 Security information processing method and apparatus during handover process, network device, and terminal

Citations (3)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
CN101516089A (en) * 2008-02-18 2009-08-26 中国移动通信集团公司 Switching method and system
EP2109278A1 (en) * 2008-04-07 2009-10-14 NTT DoCoMo, Inc. Method and apparatus for generating a new key
CN101772100A (en) * 2008-12-29 2010-07-07 中国移动通信集团公司 Key updating method, equipment and system for switching base station eNB in LTE (Long Term Evolution) system

Family Cites Families (1)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
CN101309503A (en) * 2007-05-17 2008-11-19 华为技术有限公司 Wireless switching method, base station and terminal

Also Published As

Publication number Publication date
CN102340774A (en) 2012-02-01
CN102340774B (en) 2016-05-11

Legal Events

Date Code Title Description
121 Ep: the epo has been informed by wipo that ep was designated in this application

Ref document number: 11809161

Country of ref document: EP

Kind code of ref document: A1

NENP Non-entry into the national phase

Ref country code: DE

122 Ep: pct application non-entry in european phase

Ref document number: 11809161

Country of ref document: EP

Kind code of ref document: A1